»

Bitcoin-mining trojan disguises itself as antivirus

A computer security firm has warned users against falling for a new malware that spoofs one of its antivirus products.

Trend Micro said the spoof is part of social engineering used by malware writers to fool users into running their programs.

"We believe that by spoofing Trend Micro properties, the people behind this threat are hoping to trick unwitting users into executing the file," it said in a blog post.

It said its products detect the malware as TROJ_RIMECUD.AJL, which when executed creates a process svchost.exe and downloads a component package.

The package it downloads contains a Bitcoin miner application created by Ufasoft. The Bitcoin app is detected as HKTL_BITCOINMINE.

"Bitcoin is considered digital currency and can be used to pay certain transactions online. This attack is timely because of the news that Bitcoin Central has been approved by the law to function as a bank where exchange from Euro and Bitcoins are now possible," Trend Micro noted.

Trend Micro said the malware also consumes much of the infected computer system’s resources.